contrast-agent 7.2.0 → 7.3.1

data/lib/contrast/agent/protect/rule/input_classification/lru_cache.rb

@@ -0,0 +1,198 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/utils/lru_cache'
+require 'contrast/utils/duck_utils'
+require 'contrast/agent/protect/rule/input_classification/cached_result'
+require 'contrast/agent/protect/rule/input_classification/statistics'
+require 'contrast/agent/protect/rule/input_classification/utils'
+
+module Contrast
+  module Agent
+    module Protect
+      module Rule
+        module InputClassification
+          # This Class with store the input classification results for a given user input.
+          # Among the most used inputs are the headers values for session_id and path values.
+          class LRUCache < Contrast::Utils::LRUCache
+            include Contrast::Components::Logger::InstanceMethods
+            include Contrast::Agent::Protect::Rule::InputClassification::Utils
+
+            # Protect rules will always be fixed number, on other hand the number of inputs will grow,
+            # we need to limit the number of inputs to be cached.
+            RESULTS_CAPACITY = 20
+
+            private :[], :[]=
+
+            # Initialize the LRU Cache.
+            #
+            # @param capacity [Integer] the maximum number of elements to store in the cache. For this
+            # instance it will never reach outside of the number of supported Protect rules.
+            def initialize capacity = 10
+              super(capacity)
+            end
+
+            def mutex
+              @_mutex ||= Mutex.new
+            end
+
+            def with_mutex &block
+              return_type = mutex.synchronize(&block)
+            ensure
+              return_type
+            end
+
+            # Capacity of the statistics will always be the number of rule_id Protect supports.
+            #
+            # @return [Contrast::Agent::Protect::Rule::InputClassification::Statistics]
+            def statistics
+              @_statistics ||= Contrast::Agent::Protect::Rule::InputClassification::Statistics.new
+            end
+
+            # Clear the cache and statistics.
+            def clear
+              with_mutex { @cache.clear }
+              clear_statistics
+            end
+
+            # Clear only the statistics.
+            def clear_statistics
+              with_mutex { statistics.send(:clear) }
+            end
+
+            # Check if the cache is empty.
+            #
+            # @return [Boolean]
+            def empty?
+              Contrast::Utils::DuckUtils.empty_duck?(@cache)
+            end
+
+            # Check if the input is cached and returns it if so and record the statistics for the required input.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param input [String] the user input.
+            # @param input_type [Symbol] Type of the input
+            # @param request [Contrast::Agent::Request] the current request.
+            # @return [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            def lookout rule_id, input, input_type, request
+              with_mutex { _loockout(rule_id, input, input_type, request) }
+            end
+
+            # Save the input classification result for a given user input.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param result [Contrast::Agent::Reporting::InputAnalysisResult]
+            # @param request [Contrast::Agent::Request] the current request.
+            # @return result [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            def save rule_id, result, request
+              with_mutex { _save(rule_id, result, request) }
+            end
+
+            private
+
+            # Check if the input is cached and returns it if so and record the statistics for the required input.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param input [String] the user input.
+            # @param input_type [Symbol] Type of the input
+            # @param request [Contrast::Agent::Request] the current request.
+            # @return [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            def _loockout rule_id, input, input_type, request
+              cached = retrieve(rule_id, input, input_type)
+              if cached.cs__is_a?(Contrast::Agent::Protect::InputClassification::CachedResult)
+                # Telemetry event matched.
+                statistics.match!(rule_id, cached, request)
+                cached
+              else
+                # Telemetry event mismatched.
+                statistics.mismatch!(rule_id, input_type)
+                nil
+              end
+            rescue StandardError => e
+              logger.error("[IA_LRU_Cache] Error while looking for #{ input_type } for #{ rule_id }", error: e)
+              nil
+            end
+
+            # Save the input classification result for a given user input.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param result [Contrast::Agent::Reporting::InputAnalysisResult]
+            # @param request [Contrast::Agent::Request] the current request.
+            # @return result [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            def _save rule_id, result, request
+              cached_result = Contrast::Agent::Protect::InputClassification::CachedResult.new(result, request.__id__)
+              new_entry = safe_extract(push(rule_id, cached_result)) unless cached_result.empty?
+              statistics.push(rule_id, cached_result)
+
+              new_entry
+            rescue StandardError => e
+              logger.error("[IA_LRU_Cache] Error while saving #{ result } for #{ rule_id }",
+                           error: e,
+                           stack_trace: e.backtrace)
+            end
+
+            # @param rule_id [String] the Protect rule name.
+            # @param result [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            # @return [Array<Contrast::Agent::Protect::InputClassification::CachedResult>, nil]
+            def push rule_id, result
+              return unless result.cs__is_a?(Contrast::Agent::Protect::InputClassification::CachedResult)
+              return @cache[rule_id] = [result] unless key?(rule_id)
+
+              cached_results = @cache[rule_id]
+              cached_results.shift if cached_results.length >= RESULTS_CAPACITY
+              return @cache[rule_id] << result unless already_saved?(result, rule_id)
+
+              nil
+            end
+
+            # Returns the cached result for a given user input. If the input is not cached, it will return nil.
+            # If the input is cached and key is needed, it will return the cached result and the key and key_type.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param input [String] the user input.
+            # @param input_type [Symbol] Type of the input
+            # @return [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            def retrieve rule_id, input, input_type
+              # Check to see if cache exist if not just return the keys info.
+              return unless key?(rule_id)
+
+              safe_extract(query_fetch(rule_id, input, input_type))
+            end
+
+            # returns true on first input already saved with the same input.
+            # We will know if the key is needed from the result itself.
+            #
+            # @param cached_result [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            # @param rule_id [String]
+            # @return [Boolean]
+            def already_saved? cached_result, rule_id
+              return false unless cached_result.cs__is_a?(Contrast::Agent::Protect::InputClassification::CachedResult)
+
+              @cache[rule_id].any? do |entry|
+                if entry.result.value == cached_result.result.value &&
+                      entry.result.input_type == cached_result.result.input_type
+
+                  return true
+                end
+              end
+              false
+            end
+
+            # Returns first match for the required input.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param input [String] the user input.
+            # @param input_type [Symbol] Type of the input
+            # @return result [Contrast::Agent::Protect::InputClassification::CachedResult, nil]
+            def query_fetch rule_id, input, input_type
+              @cache[rule_id].map do |cached_result|
+                return cached_result if cached_result.result.value == input &&
+                    cached_result.result.input_type == input_type
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/protect/rule/input_classification/match_rates.rb

@@ -0,0 +1,66 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/protect/rule/input_classification/rates'
+
+module Contrast
+  module Agent
+    module Protect
+      module Rule
+        module InputClassification
+          # This class will hold match information when input classification is being saved in LRU cache.
+          class MatchRates < Rates
+            # @return [Integer]
+            attr_reader :input_matches
+            # @return [Integer]
+            attr_reader :input_mismatches
+            # @return [Integer]
+            attr_reader :request_matches
+            # @return [String]
+            attr_reader :score_level
+
+            # @param rule_id [String]
+            # @param input_type [Symbol, nil]
+            # @param score_level [String]
+            def initialize rule_id, input_type, score_level
+              super(rule_id, input_type)
+              @input_matches = 0
+              @request_matches = 0
+              @input_mismatches = 0
+              @score_level = score_level if Contrast::Agent::Reporting::ScoreLevel.to_a.include?(score_level)
+            end
+
+            # Increase the match count for the given rule_id and input.
+            def increase_match_for_input
+              @input_matches += 1
+            end
+
+            def increase_mismatch_for_input
+              @input_mismatches += 1
+            end
+
+            # increase the missmatch count for the given rule_id and input.
+            def increase_match_for_request
+              @request_matches += 1
+            end
+
+            def empty?
+              super && @input_matches.zero? && @input_mismatches.zero? && @request_matches.zero?
+            end
+
+            # Returns Agent Telemetry reportable fields.
+            #
+            # @return [Hash]
+            def to_fields
+              {
+                  "#{ to_field_title }.input_matches" => input_matches,
+                  "#{ to_field_title }.input_mismatches" => input_mismatches,
+                  "#{ to_field_title }.request_matches" => request_matches
+              }
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/protect/rule/input_classification/rates.rb

@@ -0,0 +1,53 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/input_analysis/input_type'
+require 'contrast/utils/duck_utils'
+
+module Contrast
+  module Agent
+    module Protect
+      module Rule
+        module InputClassification
+          # This class will hold match information when input classification is being saved in LRU cache.
+          class Rates
+            # Titles:
+            FIELD_NAME = 'ia'
+            TEST_NAME = '_t'
+
+            # @return [String]
+            attr_reader :rule_id
+            # @return [Symbol, nil]
+            attr_reader :input_type
+
+            def initialize rule_id, input_type
+              @rule_id = rule_id if rule_id
+              @input_type = input_type if Contrast::Agent::Reporting::InputType.to_a.include?(input_type)
+            end
+
+            def empty?
+              Contrast::Utils::DuckUtils.empty_duck?(@input_type)
+            end
+
+            # Override this method to return the required Agent Telemetry fields.
+            # @return [Hash]
+            def to_fields
+              {}
+            end
+
+            private
+
+            # @return [String]
+            def to_field_title
+              if (ENV['CONTRAST_AGENT_TELEMETRY_TEST'] = '1')
+                TEST_NAME
+              else
+                FIELD_NAME
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/protect/rule/input_classification/statistics.rb

@@ -0,0 +1,115 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/protect/rule/input_classification/utils'
+require 'contrast/agent/protect/rule/input_classification/match_rates'
+require 'contrast/agent/telemetry/input_analysis_cache_event'
+require 'contrast/agent/reporting/input_analysis/score_level'
+require 'contrast/agent/reporting/input_analysis/input_type'
+
+module Contrast
+  module Agent
+    module Protect
+      module Rule
+        module InputClassification
+          # This class will hold match information for each rule when input classification is being saved in LRU cache.
+          class Statistics
+            include Contrast::Agent::Protect::Rule::InputClassification::Utils
+            include Contrast::Components::Logger::InstanceMethods
+
+            attr_reader :data
+
+            # Protect rules will always be fixed number, on other hand the number of inputs will grow,
+            # we need to limit the number of inputs to be cached.
+            CAPACITY = 30
+
+            def initialize
+              @data = {}
+            end
+
+            # This method will handle the statistics for the input match
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param cached [Contrast::Agent::Protect::InputClassification::CachedResult]
+            # @param request [Contrast::Agent::Request] the current request.
+            def match! rule_id, cached, request
+              return unless Contrast::Agent::Telemetry::Base.enabled?
+
+              push(rule_id, cached)
+              fetch(rule_id, cached.result.input_type)&.increase_match_for_input
+              return unless cached.request_id == request.__id__
+
+              fetch(rule_id, cached.result.input_type)&.increase_match_for_request
+            end
+
+            # This method will handle the statistics for the input mismatch.
+            # Skip if this is the called with empty cache since it's not fair.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param input_type [Symbol] Type of the input
+            def mismatch! rule_id, input_type
+              return unless Contrast::Agent::Telemetry::Base.enabled?
+              return if Contrast::Agent::Protect::InputAnalyzer.lru_cache.empty?
+
+              fetch(rule_id, input_type)&.increase_mismatch_for_input
+            end
+
+            # @return [Array<Contrast::Agent::Telemetry::InputAnalysisCacheEvent>] the events to be sent.
+            def to_events
+              events = []
+              data.each do |_rule_id, match_rates|
+                match_rates.each do |match_rate|
+                  event = Contrast::Agent::Telemetry::InputAnalysisCacheEvent.new(match_rate.rule_id, match_rate)
+                  next if event.empty?
+
+                  events << event
+                end
+              end
+              events
+            rescue StandardError => e
+              logger.error("[IA_LRU_Cache] Error while creating events: #{ e }", stacktrace: e.backtrace)
+              []
+            end
+
+            # Creates new statisctics for protect rule.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param cached [Contrast::Agent::Protect::InputClassification::CachedResult]
+            def push rule_id, cached
+              new_entry = Contrast::Agent::Protect::Rule::InputClassification::MatchRates.
+                  new(rule_id, cached.result.input_type, cached.result.score_level)
+
+              @data[rule_id] = [] if Contrast::Utils::DuckUtils.empty_duck?(@data[rule_id])
+              @data[rule_id].shift if @data[rule_id].length >= CAPACITY
+              @data[rule_id] << new_entry unless saved?(rule_id, cached)
+            end
+
+            # Get the statistics for the protect rule.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param input_type [Symbol] Type of the input
+            def fetch rule_id, input_type
+              safe_extract(@data[rule_id]&.select { |e| e.input_type == input_type })
+            end
+
+            private
+
+            # Checks if the rate is saved for the input.
+            #
+            # @param rule_id [String] the Protect rule name.
+            # @param new_entry [Contrast::Agent::Protect::InputClassification::CachedResult]
+            def saved? rule_id, new_entry
+              !fetch(rule_id, new_entry&.result&.input_type).nil?
+            end
+
+            # Call this method from the LRU Cache to get the statistics for a given rule_id, so it could be
+            # thread safe.
+            def clear
+              @data.clear
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/protect/rule/input_classification/utils.rb

@@ -0,0 +1,23 @@
+# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+module Contrast
+  module Agent
+    module Protect
+      module Rule
+        module InputClassification
+          # Utils module for Input Classification.
+          module Utils
+            # Extracts data return as array from the cache.
+            #
+            # @param object [NilClass, Array<Contrast::Agent::Protect::InputClassification::CachedResult>]
+            # @return object [Contrast::Agent::Protect::InputClassification::CachedResult]
+            def safe_extract object
+              Array(object)[0]
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb

@@ -4,7 +4,7 @@
 require 'contrast/utils/object_share'
 require 'contrast/agent/protect/rule/no_sqli/no_sqli'
 require 'contrast/agent/protect/input_analyzer/input_analyzer'
-require 'contrast/utils/input_classification_base'
+require 'contrast/agent/protect/rule/input_classification/base'
 
 module Contrast
   module Agent
@@ -15,7 +15,7 @@ module Contrast
         # to be analyzed at the sink level.
         module NoSqliInputClassification
           class << self
-            include InputClassificationBase
+            include Contrast::Agent::Protect::Rule::InputClassification::Base
 
             NOSQL_COMMENT_REGEXP = %r{"\s*(?:<--|//)}.cs__freeze
             NOSQL_OR_REGEXP = /(?=(\s+\|\|\s+))/.cs__freeze
@@ -96,8 +96,15 @@ module Contrast
             #
             # @return res [Contrast::Agent::Reporting::InputAnalysisResult]
             def create_new_input_result request, rule_id, input_type, value
-              score = evaluate_patterns(value)
-              score = evaluate_rules(value, score)
+              return unless Contrast::AGENT_LIB
+
+              # Cache retrieve
+              cached = Contrast::Agent::Protect::InputAnalyzer.lru_cache.lookout(rule_id, value, input_type, request)
+              return cached.result if cached.cs__is_a?(Contrast::Agent::Protect::InputClassification::CachedResult)
+
+              eval_value = base64_decode_input(value, input_type)
+              score = evaluate_patterns(eval_value)
+              score = evaluate_rules(eval_value, score)
 
               score_level = if definite_attack?(score)
                               DEFINITEATTACK
@@ -106,9 +113,12 @@ module Contrast
                             else
                               IGNORE
                             end
-              result = new_ia_result(rule_id, input_type, score_level, request.path, value)
-              add_needed_key(request, result, input_type, value)
-              result
+              ia_result = new_ia_result(rule_id, input_type, score_level, request.path, value)
+              add_needed_key(request, ia_result, input_type, value) if KEYS_NEEDED.include?(input_type)
+
+              # Cache save. Cache must be saved after the input evaluation is completed.
+              Contrast::Agent::Protect::InputAnalyzer.lru_cache.save(rule_id, ia_result, request)
+              ia_result
             end
 
             # This method evaluates the patterns relevant to NoSQL Injection to check whether

data/lib/contrast/agent/protect/rule/path_traversal/path_traversal_input_classification.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/utils/input_classification_base'
+require 'contrast/agent/protect/rule/input_classification/base'
 
 module Contrast
   module Agent
@@ -15,27 +15,31 @@ module Contrast
 
           THRESHOLD = 90.cs__freeze
           class << self
-            include InputClassificationBase
+            include Contrast::Agent::Protect::Rule::InputClassification::Base
 
             private
 
-            # This methods checks if input is tagged DEFINITEATTACK or IGNORE matches value with it's
-            # key if needed and Creates new isntance of InputAnalysisResult.
+            # Creates new instance of AgentLib evaluation result with direct call to AgentLib.
             #
-            # @param request [Contrast::Agent::Request] the current request context.
             # @param rule_id [String] The name of the Protect Rule.
             # @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
             # @param value [String, Array<String>] the value of the input.
-            #
-            # @return res [Contrast::Agent::Reporting::InputAnalysisResult]
-            def create_new_input_result request, rule_id, input_type, value
-              return unless Contrast::AGENT_LIB
-
-              input_eval = Contrast::AGENT_LIB.eval_input(value,
-                                                          convert_input_type(input_type),
-                                                          Contrast::AGENT_LIB.rule_set[rule_id],
-                                                          Contrast::AGENT_LIB.eval_option[:PREFER_WORTH_WATCHING])
+            def build_input_eval rule_id, input_type, value
+              Contrast::AGENT_LIB.eval_input(value,
+                                             Contrast::Agent::Protect::Rule::InputClassification::Base.
+                                                convert_input_type(input_type),
+                                             Contrast::AGENT_LIB.rule_set[rule_id],
+                                             Contrast::AGENT_LIB.eval_option[:PREFER_WORTH_WATCHING])
+            end
 
+            # Creates specific result from the AgentLib evaluation.
+            #
+            # @param rule_id [String] The name of the Protect Rule.
+            # @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
+            # @param value [String, Array<String>] the value of the input.
+            # @param request [Contrast::Agent::Request] the current request context.
+            # @param input_eval [Contrast::AgentLib::EvalResult] the result of the input evaluation.
+            def build_ia_result rule_id, input_type, value, request, input_eval
               ia_result = new_ia_result(rule_id, input_type, request.path, value)
               score = input_eval&.score || 0
               if score >= THRESHOLD
@@ -50,7 +54,6 @@ module Contrast
               else
                 ia_result.score_level = IGNORE
               end
-              add_needed_key(request, ia_result, input_type, value)
               ia_result
             end
           end

data/lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb

@@ -5,7 +5,7 @@ require 'contrast/utils/object_share'
 require 'contrast/agent/reporting/input_analysis/input_type'
 require 'contrast/agent/reporting/input_analysis/score_level'
 require 'contrast/agent/protect/input_analyzer/input_analyzer'
-require 'contrast/utils/input_classification_base'
+require 'contrast/agent/protect/rule/input_classification/base'
 
 module Contrast
   module Agent
@@ -17,7 +17,7 @@ module Contrast
         module SqliInputClassification
           WORTHWATCHING_MATCH = 'sqli-worth-watching-v2'.cs__freeze
           class << self
-            include InputClassificationBase
+            include Contrast::Agent::Protect::Rule::InputClassification::Base
             include Contrast::Components::Logger::InstanceMethods
           end
         end

data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb

@@ -4,7 +4,7 @@
 require 'contrast/utils/object_share'
 require 'contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload'
 require 'contrast/agent/protect/input_analyzer/input_analyzer'
-require 'contrast/utils/input_classification_base'
+require 'contrast/agent/protect/rule/input_classification/base'
 
 module Contrast
   module Agent
@@ -16,26 +16,30 @@ module Contrast
           UNSAFE_UPLOAD_MATCH = 'unsafe-file-upload-input-tracing-v1'
 
           class << self
-            include InputClassificationBase
+            include Contrast::Agent::Protect::Rule::InputClassification::Base
 
             private
 
-            # This methods checks if input is tagged DEFINITEATTACK or IGNORE matches value with it's
-            # key if needed and Creates new isntance of InputAnalysisResult.
+            # Creates new instance of AgentLib evaluation result with direct call to AgentLib.
             #
-            # @param request [Contrast::Agent::Request] the current request context.
             # @param rule_id [String] The name of the Protect Rule.
-            # @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
+            # @param _input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
             # @param value [String, Array<String>] the value of the input.
-            #
-            # @return res [Contrast::Agent::Reporting::InputAnalysisResult]
-            def create_new_input_result request, rule_id, input_type, value
-              return unless Contrast::AGENT_LIB
-              return unless (input_eval = Contrast::AGENT_LIB.eval_input(value,
-                                                                         Contrast::AGENT_LIB.input_set[:MULTIPART_NAME],
-                                                                         Contrast::AGENT_LIB.rule_set[rule_id],
-                                                                         Contrast::AGENT_LIB.eval_option[:NONE]))
+            def build_input_eval rule_id, _input_type, value
+              Contrast::AGENT_LIB.eval_input(value,
+                                             Contrast::AGENT_LIB.input_set[:MULTIPART_NAME],
+                                             Contrast::AGENT_LIB.rule_set[rule_id],
+                                             Contrast::AGENT_LIB.eval_option[:NONE])
+            end
 
+            # Creates specific result from the AgentLib evaluation.
+            #
+            # @param rule_id [String] The name of the Protect Rule.
+            # @param input_type [Contrast::Agent::Reporting::InputType] The type of the user input.
+            # @param value [String, Array<String>] the value of the input.
+            # @param request [Contrast::Agent::Request] the current request context.
+            # @param input_eval [Contrast::AgentLib::EvalResult] the result of the input evaluation.
+            def build_ia_result rule_id, input_type, value, request, input_eval
               ia_result = new_ia_result(rule_id, input_type, request.path, value)
               if input_eval.score >= THRESHOLD
                 ia_result.score_level = DEFINITEATTACK
@@ -51,7 +55,6 @@ module Contrast
                               else
                                 Contrast::Utils::ObjectShare::EMPTY_STRING
                               end
-
               ia_result
             end
           end